Tailscale
Unlike using Ngrok, this method does not expose your UI to the public internet. To access the UI remotely, you need to join an authenticated VPN. This greatly improves security, but adds a bit of additional work for users.
Tailscale is a really really cool service! You may find yourself using it for other projects, too.
-
Sign up for an account at Tailscale. The free account is fine for now.
-
Once signed up and logged in, visit the Tailscale admin.
-
Install Tailscale on your computer.
-
SSH into your leader Pioreactor. Install Tailscale for Raspberry Pi with the following:
curl -fsSL https://tailscale.com/install.sh | sh
. You don't need to install anything on the workers. -
Back in your Tailscale admin, you should see two machines: your computer and the leader Pioreactor. Make note of the ipv4 address for the leader - we will use it below.
-
You should still be able to access
http://pioreactor.local
without any problems. -
In your config.ini, add your ipv4 address to the
[mqtt]
section:[mqtt]
...
broker_address=<ipv4 address>
...If you have other Pioreactors in your cluster: you likely won't be adding those to tailscale (only adding the leader is necessary for remote access), so in each of the worker config files, add:
[mqtt]
broker_address=<leader name>.localAnd save. This means that your workers will connect "locally" (over the local network), but the UI will connect "remotely".
-
Now, when you leave the local network, and if you have internet access, you can turn your VPN on and still access
http://<ipv4 address>
. Troubleshooting: tryhttp://<hostname>
, but confirm that magicDNS is on, too. -
You can use the Tailscale admin to add users to your VPN, too.